CVE-2022-29287: 
Kentico Xperience vulnerability analysis and mitigation

CVE-2022-29287 is an Insecure Direct Object Reference vulnerability affecting Kentico CMS versions before 13.0.66. The vulnerability was discovered in April 2022 and allows an attacker with user management rights to access sensitive data of higher privileged users, including global administrators (Offensity Blog, NVD).

The vulnerability exists in the user export functionality of Kentico CMS. While the system performs an initial authorization check when a user attempts to export another user's settings, this check can be bypassed by directly sending the second-stage POST request with the target user's ID (objectId) and filename parameters. The vulnerability has a CVSS score of 4.9 (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) (Offensity Blog).

An authenticated attacker with administrator privileges can export settings of users with higher privileges, such as global administrators. The exported data contains sensitive information, including hashed passwords and other user configuration details (Offensity Blog).

The vulnerability was fixed in Kentico CMS version 13.0.66, released on April 11, 2022. Users are recommended to update to this version or later to address the security issue (Offensity Blog).